Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > Web service with expiring passwords

Reply
Thread Tools

Web service with expiring passwords

 
 
JeffJ
Guest
Posts: n/a
 
      03-03-2009
I have simple "Hello World" web service created by web service wizard.
I have put it onto IIS server. Remove Anonymous access.

Call it via a windows .net app:

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
Dim x As New WindowsApplication1.hellow.Service1

Dim cache = New System.Net.CredentialCache

cache.Add(New Uri(x.Url), "Negotiate", _
New System.Net.NetworkCredential("user", "pword", "domain"))
x.Credentials = cache

TextBox1.Text = x.HelloWorld
End Sub

Works great until I set password must be reset on next logon. Then get 401:
Access Denied.
I have PasswordChangeFlags set 1.
I have IISadmpwd up and working in IIS.

So my question is. Is there a way to get web services to work with
PasswordChangedFlags and IISADMPWD?

We need to be able to force periodic password changes for use of our
webservice.

Thanks,

Jeff

 
Reply With Quote
 
 
 
 
JeffJ
Guest
Posts: n/a
 
      03-10-2009
At least on IIS on XP the web service just returns error 401: Access Denied.

I was looking for help to actually notify user password was expired and then
ability to change it. The users will ONLY ever interact via the web service
so no other way for them to ever know there password is or going to expire.

Sounds like someone else here has had different responce with 2003 server.
May have actually did a redirect at least. I haven't tried it.

Jeff

"Patrice" wrote:

> A bit unclear. Do you mean it still doesn't work if the user change the
> password ? Have you tried to change the password as required to see if the
> service then works ?
>
> Or would you like that the user has to change its password but that the web
> service can work with the user account "old" password (IMHO you can't).
>
> --
> Patrice
>
> "JeffJ" <(E-Mail Removed)> a écrit dans le message de groupe
> de discussion : http://www.velocityreviews.com/forums/(E-Mail Removed)...
> > I have simple "Hello World" web service created by web service wizard.
> > I have put it onto IIS server. Remove Anonymous access.
> >
> > Call it via a windows .net app:
> >
> > Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As
> > System.EventArgs) Handles MyBase.Load
> > Dim x As New WindowsApplication1.hellow.Service1
> >
> > Dim cache = New System.Net.CredentialCache
> >
> > cache.Add(New Uri(x.Url), "Negotiate", _
> > New System.Net.NetworkCredential("user", "pword", "domain"))
> > x.Credentials = cache
> >
> > TextBox1.Text = x.HelloWorld
> > End Sub
> >
> > Works great until I set password must be reset on next logon. Then get
> > 401:
> > Access Denied.
> > I have PasswordChangeFlags set 1.
> > I have IISadmpwd up and working in IIS.
> >
> > So my question is. Is there a way to get web services to work with
> > PasswordChangedFlags and IISADMPWD?
> >
> > We need to be able to force periodic password changes for use of our
> > webservice.
> >
> > Thanks,
> >
> > Jeff
> >

>
>

 
Reply With Quote
 
 
 
 
JeffJ
Guest
Posts: n/a
 
      03-11-2009
That would also be something that it should do.

But it will need to deal with expired too. Harder to test soon expiring as
need to have account that falls into that. Expiring in a few days isn't
something you can set on account. Need a full test domain to adjust max
password age.

"Patrice" wrote:

> What if you set an expiration delay rather than immediately asking for a new
> password ?
>
> Search around http://support.microsoft.com/kb/297121/en-us. It seems owa
> does this but it is unclear if it works once the password expired. The idea
> would be then to have an expiration delay and to check this expiration so
> that you can ask the user to change his password *before* expiration...
>
> A generic message could include a link to the change password page (have you
> checked if you are allowed to change your password after it has expired ?)
>
> --
> Patrice
>
> "JeffJ" <(E-Mail Removed)> a crit dans le message de groupe
> de discussion : (E-Mail Removed)...
> > At least on IIS on XP the web service just returns error 401: Access
> > Denied.
> >
> > I was looking for help to actually notify user password was expired and
> > then
> > ability to change it. The users will ONLY ever interact via the web
> > service
> > so no other way for them to ever know there password is or going to
> > expire.
> >
> > Sounds like someone else here has had different responce with 2003 server.
> > May have actually did a redirect at least. I haven't tried it.
> >
> > Jeff
> >
> > "Patrice" wrote:
> >
> >> A bit unclear. Do you mean it still doesn't work if the user change the
> >> password ? Have you tried to change the password as required to see if
> >> the
> >> service then works ?
> >>
> >> Or would you like that the user has to change its password but that the
> >> web
> >> service can work with the user account "old" password (IMHO you can't).
> >>
> >> --
> >> Patrice
> >>
> >> "JeffJ" <(E-Mail Removed)> a crit dans le message de
> >> groupe
> >> de discussion : (E-Mail Removed)...
> >> > I have simple "Hello World" web service created by web service wizard.
> >> > I have put it onto IIS server. Remove Anonymous access.
> >> >
> >> > Call it via a windows .net app:
> >> >
> >> > Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As
> >> > System.EventArgs) Handles MyBase.Load
> >> > Dim x As New WindowsApplication1.hellow.Service1
> >> >
> >> > Dim cache = New System.Net.CredentialCache
> >> >
> >> > cache.Add(New Uri(x.Url), "Negotiate", _
> >> > New System.Net.NetworkCredential("user", "pword", "domain"))
> >> > x.Credentials = cache
> >> >
> >> > TextBox1.Text = x.HelloWorld
> >> > End Sub
> >> >
> >> > Works great until I set password must be reset on next logon. Then get
> >> > 401:
> >> > Access Denied.
> >> > I have PasswordChangeFlags set 1.
> >> > I have IISadmpwd up and working in IIS.
> >> >
> >> > So my question is. Is there a way to get web services to work with
> >> > PasswordChangedFlags and IISADMPWD?
> >> >
> >> > We need to be able to force periodic password changes for use of our
> >> > webservice.
> >> >
> >> > Thanks,
> >> >
> >> > Jeff
> >> >
> >>
> >>

>

 
Reply With Quote
 
JeffJ
Guest
Posts: n/a
 
      03-11-2009
Yes.
It works via web pages.

"Patrice" wrote:

> Technically does it work if you go to the "change password" url and change
> your password ? What is the UI ? Not sure but IMO this a public page and you
> have to type both your old and new password, that is technically you are NOT
> logged until the password is changed.
>
> Also perhaps the error uses an HTTP subcode that would tell that the
> password expired ? (if you use OWA you could see how it react to see if it
> is able to detect this).
>
> It seems this is a not widely explored issue. Good luck.
>
> According to
> http://www.eggheadcafe.com/conversat...eadid=31045818
> and the final response it looks like it worked without coding (not sure
> though if the redirect was done automatically of if the guy just left out
> this part).
>
> Or perhaps http://support.microsoft.com/kb/833734/en-us and the application
> and the password change virtual directory must run in the same application
> pool.
>
> I would test this first from a browser for interactive pages (possibly when
> accesing the web service test page from a browser) to see it if seems to be
> handled automatically. Then I would move to a web service called
> programmatically.
>
> Beyond that point you are on your own as I'm running out of thoughts
> about this issue...
>
> --
> Patrice
>
>
>
> "JeffJ" <(E-Mail Removed)> a crit dans le message de groupe
> de discussion : (E-Mail Removed)...
> > That would also be something that it should do.
> >
> > But it will need to deal with expired too. Harder to test soon expiring
> > as
> > need to have account that falls into that. Expiring in a few days isn't
> > something you can set on account. Need a full test domain to adjust max
> > password age.
> >
> > "Patrice" wrote:
> >
> >> What if you set an expiration delay rather than immediately asking for a
> >> new
> >> password ?
> >>
> >> Search around http://support.microsoft.com/kb/297121/en-us. It seems owa
> >> does this but it is unclear if it works once the password expired. The
> >> idea
> >> would be then to have an expiration delay and to check this expiration so
> >> that you can ask the user to change his password *before* expiration...
> >>
> >> A generic message could include a link to the change password page (have
> >> you
> >> checked if you are allowed to change your password after it has expired
> >> ?)
> >>
> >> --
> >> Patrice
> >>
> >> "JeffJ" <(E-Mail Removed)> a crit dans le message de
> >> groupe
> >> de discussion : (E-Mail Removed)...
> >> > At least on IIS on XP the web service just returns error 401: Access
> >> > Denied.
> >> >
> >> > I was looking for help to actually notify user password was expired and
> >> > then
> >> > ability to change it. The users will ONLY ever interact via the web
> >> > service
> >> > so no other way for them to ever know there password is or going to
> >> > expire.
> >> >
> >> > Sounds like someone else here has had different responce with 2003
> >> > server.
> >> > May have actually did a redirect at least. I haven't tried it.
> >> >
> >> > Jeff
> >> >
> >> > "Patrice" wrote:
> >> >
> >> >> A bit unclear. Do you mean it still doesn't work if the user change
> >> >> the
> >> >> password ? Have you tried to change the password as required to see if
> >> >> the
> >> >> service then works ?
> >> >>
> >> >> Or would you like that the user has to change its password but that
> >> >> the
> >> >> web
> >> >> service can work with the user account "old" password (IMHO you
> >> >> can't).
> >> >>
> >> >> --
> >> >> Patrice
> >> >>
> >> >> "JeffJ" <(E-Mail Removed)> a crit dans le message de
> >> >> groupe
> >> >> de discussion : (E-Mail Removed)...
> >> >> > I have simple "Hello World" web service created by web service
> >> >> > wizard.
> >> >> > I have put it onto IIS server. Remove Anonymous access.
> >> >> >
> >> >> > Call it via a windows .net app:
> >> >> >
> >> >> > Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As
> >> >> > System.EventArgs) Handles MyBase.Load
> >> >> > Dim x As New WindowsApplication1.hellow.Service1
> >> >> >
> >> >> > Dim cache = New System.Net.CredentialCache
> >> >> >
> >> >> > cache.Add(New Uri(x.Url), "Negotiate", _
> >> >> > New System.Net.NetworkCredential("user", "pword",
> >> >> > "domain"))
> >> >> > x.Credentials = cache
> >> >> >
> >> >> > TextBox1.Text = x.HelloWorld
> >> >> > End Sub
> >> >> >
> >> >> > Works great until I set password must be reset on next logon. Then
> >> >> > get
> >> >> > 401:
> >> >> > Access Denied.
> >> >> > I have PasswordChangeFlags set 1.
> >> >> > I have IISadmpwd up and working in IIS.
> >> >> >
> >> >> > So my question is. Is there a way to get web services to work with
> >> >> > PasswordChangedFlags and IISADMPWD?
> >> >> >
> >> >> > We need to be able to force periodic password changes for use of our
> >> >> > webservice.
> >> >> >
> >> >> > Thanks,
> >> >> >
> >> >> > Jeff
> >> >> >
> >> >>
> >> >>
> >>

>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Does timer in Web Service Global.asax block my Web Service from processing web-site requests? Leo Violette ASP .Net Web Services 0 04-17-2009 12:39 AM
InvocationTargetException when calling "new Service()" in Axis web service to call another web service Michael Averstegge Java 0 01-10-2006 11:05 PM
Main Mode IKE expiring , what's next? matteo_cardelli@yahoo.co.uk Cisco 0 08-20-2005 05:00 PM
expiring passwords with impersonated identity Anton Sokolovsky ASP .Net Security 1 11-02-2004 01:45 PM
Re: MCSD vb6 - is it worth it? MCSD v6 exams expiring in 2004 Cindy Winegarden MCSD 0 06-29-2003 07:42 PM



Advertisments